FAQ

What is InCTF ?

InCTF is India's premier CTF style cyber security competition exclusively for Indian college and university
students new to cyber security.

What is a CTF ?

A Capture The Flag(CTF) is a competition for learning cyber security in a hands-on manner. Several
carefully designed challenges are hosted in a safe environment for participants to experiment and develop
skills in cyber security.

What is the aim of this contest ?

With the ever increasing growth in computer science, software protection has become an important part of any software engineering position. Participating in CTFs can help you think like an attacker, and teach you how to avoid having security vulnerabilities in your code.

How do I participate in the CTF ?

To participate in InCTF, all you have to do is register your team here.

What are the skills needed to participate ?

We assume that you are familiar with any programming language and in writing and debugging programs and some patience. We don't assume anything else. The other skills needed, you will develop it on the way.

What is this Mock Round ?

The Mock round is an Individual Round. The challenges in this round are pretty basic and will help you cover the basics of cyber security. This round will also familiarize you with the contest format, the challenge types and the contest portal itself.

I am not able to find a team partner. Can I participate on my own ?

We recommend that every team have 5 members. This is because CTFs are a team game and not individual in
nature. Several tasks need to be done in parallel, which requires multiple people on the team. The minimum
possible team size is 3.

Is running a hacking contest ethical ?

Lot of research has been done on this. Ethical hacking contests are increasingly becoming popular. Some of the CTFs organized across the world are listed here.

Who can participate in the event?

The contest is open to students studying in a college or university in India and are new to cybersecurity.
If you not studying in a college/university in India or are experienced, we recommend participating in the
more difficult version of InCTF.

What is JEOPARDY-style CTF ?

Jeopardy-style CTFs are wargames that have a set of challenges in different categories of cyber security. The challenges are awarded points based on the difficulty, and a scoreboard in maintained to rank all the teams that are actively participating.

What is ATTACK-DEFENCE CTF ?

In this format, each team is given a machine (or small network) to defend on an isolated network. They can connect their networks to game network through a Virtual Private Network (VPN). Teams score based both on their success in defending their assigned machine and their success in attacking other team’s machines. Each team needs to exploit the custom application services running at each team’s side. A team gains points by submitting the flags of other teams.

What is a flag ?

Flag is a string of random data or text in some format. For example, bi0s{_Y0u_g0t_th3_fl4g_}.

What are the different categories of CTF ?

► BINARY EXPLOITATION: Finding vulnerabilities in an application and exploiting it to escalate the privileges.
► REVERSE ENGINEERING: Process of cracking binaries one bit at a time to reveal its hidden secrets.
► WEB EXPLOITATION: Finding bugs in web applications and exploiting it to steal access.
► FORENSICS: Unravelling the mysteries of the footprints left behind by the attacks.
► CRYPTOGRAPHY: Deciphering highly encrypted messages by cracking complex algorithms.
► HARDWARE: Breaking and making electronics, perhaps anything with solder in it.
► ANDROID EXPLOITATION: Unmasking the issues in Android applications and internals.